About VM Monitoring on Nutanix

The Panorama plugin for Nutanix facilitates the use of dynamic address groups by monitoring virtual machines in your Nutanix environment. Prism Central groups entities in your Nutanix environments by categories and filters them further by value. Panorama creates tags based on categories and values you define in Prism Central. When a virtual machine is placed in a category and assigned a value, Panorama applies the corresponding tag to the virtual machine’s IP address. You can then create security policy by using the tags as match criteria for dynamic address groups in Panorama.
nutanix-plugin-category-value.png
In the example above, we have two categories—Dev and HR—with two values within each of them. And these categories are within the cluster, which is within Prism Central. After you begin monitoring your Nutanix environment, Panorama uses value, category, cluster, and Prism Central to form tags. When you view the match criteria for dynamic address groups, the tags are listed in the following format.
ntnx.PC-<prism-central-name>.CL-<cluster-name>.<category>.<value>
With the information in the example above, Panorama creates the following tags.
ntnx.PC-PrismCentralHQ.CL-ClusterAlpha.Dev.Engineering
ntnx.PC-PrismCentralHQ.CL-ClusterAlpha.Dev.QA
ntnx.PC-PrismCentralHQ.CL-ClusterAlpha.HR.Recruiting
ntnx.PC-PrismCentralHQ.CL-ClusterAlpha.HR.Benefits
To secure these workloads in these categories, use tags such as these as match criteria in the dynamic address groups. You can then use the dynamic address groups as source and destination address groups in your security policy rules. When a virtual machine joins a dynamic address group, the policy your created is applied automatically.

Recommended For You